How I pass the Azure Security Exam Az-500

In the past I have taken several Azure exams, and yesterday I took the Azure Security exam Az-500. I am really glad that I passed the exam. In this article I will give you a brief overview of the topics I saw in the exam and what materials I used to prepare for the exam. I can say directly that the best way to succeed in the exam is practice.

General

The Azure Security exam covers a broad range of Azure topics and this makes the exam so difficult. You need a wide range of understanding how Azure works and which security features Azure has. But the exam doesn`t focus on Azure. There are some additional areas that the exam cover for instance Intune.

Which areas are in my exam?

Here are a list of areas that are covered in my exam and some additional infos in the brackets.

Azure AD

How Azure AD works

RBAC concept (Admin, contributor, etc.)

What are App registrations

Difference between PTA and PHS (AAD Connect)

Conditional Access rules (How they work and how they interact)

Identiy Protection (difference to PIM)

Privileged Identity Management

Network

Network Security Groups

Application Security Groups

Azure Firewall

Network concepts (Hub and spoke)

Container

Kubernetes security with ASC

Network design

Threat protection possibilities

Deployment

Completing ARM Templates

Various topics

Azure Monitor (generate alerts, data store, etc.)

Azure Policy

Management Groups

Azure Blueprints

Subscription movement

Intune baseline management

Just-in-time VM access

Azure Security Center

Storage Account (SAS, Keys, etc.)

Difference between ER and S2S

Resource locks

This are a overview of the different topics that are adressed in my exam.

Some questions

Which license did you need for PIM?

Which modes are valid for resource locks?

Can you use tags for NSGs?

Which are valid Azure monitor data sources?

What are Azure policy initiatives?

Which event will create an alert from SQL ATP?

Which resources I use to practice?

For exam preperation there are a lots of materials available in the Internet.

Mainly I focused on practice the different exam topics and used study guides from different MVPs. Additional I booked a course from OpenEDX. Here`s a list of used ressources: